Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Sophos warns of two ransomware groups abusing Microsoft 365 services and default configurations to contact internal enterprise users.

SecurityWeek’s Cyber Insights 2025 examines expert opinions to gain their opinions on what to expect in Attack Surface Management in 2025.

PowerSchool says the personal information of students and educators was stolen in a December 2024 data breach.

Marco Raquan Honesty has pleaded guilty to his roles in several fraud schemes, including smishing, identity theft, and bank account takeover.

Social media security startup Spikerz has raised $7 million in a seed funding round led by Disruptive AI.

Kaspersky has disclosed the details of over a dozen vulnerabilities discovered in a Mercedes-Benz MBUX infotainment system. 

The FCC adopts declaratory ruling requiring telecommunications providers to secure their networks against nation-states and other threats.

CISA and the FBI have updated their guidance regarding risky software security bad practices based on feedback received from the public.

HPE is investigating claims by the hacker IntelBroker, who is offering to sell source code and other data allegedly stolen from the tech giant.

TikTok restored service to users in the United States on Sunday just hours after the popular video-sharing platform went dark in response to a federal ban.

The Treasury Department announced sanctions in connection with a massive Chinese hack of American telecommunications companies and a breach of its own computer network.

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

Anand Ramanathan has been appointed as Chief Product Officer at Deepwatch.

Managed security platform provider Deepwatch has appointed Sammie Walker as CMO.

More People On The Move
PowerSchool data breach PowerSchool data breach

PowerSchool says the personal information of students and educators was stolen in a December 2024 data breach.

HPE hacked HPE hacked

HPE is investigating claims by the hacker IntelBroker, who is offering to sell source code and other data allegedly stolen from the tech giant.

US sanctions Chinese company for hacking US sanctions Chinese company for hacking

The Treasury Department announced sanctions in connection with a massive Chinese hack of American telecommunications companies and a breach of its own computer network.

Top Cybersecurity Headlines

In 2024 organizations informed the US government about 720 healthcare data breaches affecting a total of 186 million user records.

Jen Easterly hopes CISA is allowed to continue its election-related work under new leadership despite “contentiousness” around that part of its mission.

Fortinet patches critical vulnerabilities, including a zero-day that has been exploited in the wild since at least November 2024. 

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Explore trends and technologies that will shape the future of cybersecurity. Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Barracuda Networks, the Campbell, California-based maker of security, networking and data protection solutions, has released new firmware for their Web filter customers, which adds monitoring and archiving functions for Twitter, Facebook, and other social media applications.Customers of Barracuda’s Web filtering are eligible for an upgrade to version 6.0, which includes enforcement and monitoring abilities for social media.

WASHINGTON - (AFP) - A bill aimed at protecting the United States from cyber attacks failed to advance in the US Senate on Thursday, severely denting hopes for the passage of a measure backed by President Barack Obama.

BEIRUT - (AFP) - Mobile phone and Internet services have been cut in Aleppo, Syria's second city, where a crucial battle is taking place between rebels and the army, the Syrian Observatory for Human Rights said on Thursday."Mobile telecommunications services and Internet have been cut off in the city of Aleppo since last night," it said. An activist, who asked not to be identified, confirmed that the Internet, landlines and some mobile services were down in the northern city, Syria's...

On Sunday, security researcher Michael Coppola gave a presentation at DEF CON that explored the process of compromising routers used in SOHO (Small Office / Home Office) environments, and turning them into botnet clients.

Verizon “Redefines” VERIS, Improves Open Information Sharing Verizon Business has publicly released the data anonymously submitted by organizations to its incident-sharing program and promised changes to make the system more collaborative and useful.

Last month, Dropbox announced that they had taken on outside help in order to investigate a potential data breach. The investigation kicked off after a dozens of users reported being spammed on accounts used exclusively for the service. Twelve days later, Dropbox has now confirmed the initial speculation, saying the spam originated from a compromised employee’s account.

HONG KONG - (AFP) - Chinese communications giant Huawei Technologies on Wednesday responded to US hackers' claims that its routers were easily cracked, saying its security strategies were rigorous.

A British market research firm, Goode Intelligence, says that biometrics for mobile devices will be an essential feature before the decade is out. Their claims come from previous forecasts that point to a market growth of nearly 39 million users by 2015. Smart Mobile Devices (SMDs) are now the personal device of choice, Goode notes, with sales outpacing PCs. The BYOD trend is accelerating the need for enhanced security as SMDs are being used more often for consumer and business-sensitive...

From Flame to Madi, malware used for cyber espionage continues to stay under the radar while silently swiping data from corporation's digital coffers. In a new report, Dell SecureWorks researcher Joe Stewart went inside this part of the cyber-underworld, uncovering a realm where hundreds of actors make, control and propagate malware designed to spy on institutions around the world.

In a talk on router hacking during Def Con on Sunday, Recurity Labs’ Felix (FX) Lindner told those in attendance that for the 20th anniversary of Def Con, the gift was China. This is because he was about to give a presentation on the seriously security challenged status of routers manufactured by Huawei.Update: China's Huawei Responds to US Hackers

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

CISA and the FBI have updated their guidance regarding risky software security bad practices based on feedback received from the public.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.